Android Banking Malware SlemBunk Part of Well-Organized Campaign

itwbennett writes: Researchers from FireEye first documented the SlemBunk Android Trojan that targets mobile banking users in December. Once installed, it starts monitoring the processes running on the device and when it detects that a mobile banking app is launched, it displays a fake user interface on top of it to trick users into inputting their credentials. The Trojan can spoof the user interfaces of apps from at least 31 banks from across the world and two mobile payment service providers. The attack is more complicated than it appears at first glance, because the APK (Android application package) that users first download does not contain any malicious functionality, making it hard for antivirus apps and even Android's built-in app scanner to detect it.

Re: How do you like your lack of control now?

This malware isn't from the Google play store, its from some porn site. The summary is garbage. Summary: user vists porn website, a pop up says please update flash. User clicks OK and downloads a .apk file. User has to go into options to allow side loading of apps and install the .apk he just downloaded. No shit bad stuff will happen.

Re:How do you like your lack of control now?

[Namarrgon]

Malware like this is possible because Android *does* offer you control, like sideloading. It's iOS that restricts control (and apparently many users need to be controlled for their own good).

Google can also nuke this shit, but only if its Play Services is installed. Most Chinese android devices are unassociated with Google, apart from using the AOSP codebase.

Re:Never

[DogDude]

Banking with banks is dumb unless you're ultra-rich. Everybody else should use credit unions.